Working in Active Directory Users and Computers (ADUC) trying to delete an Organizational Unit (OU), you get the following error :

Active Directory Domain Services

You do not have sufficient privileges to delete < Organizational Unit >, or this
object is protected from accidental deletetion.

By default, you need to uncheck the box “Protect object from accidental deletion”. To achieve this, you need to activate Advanced Features on ADUC console.

Click on : View > Advanced Features

Now you got a lot more options!

Right click on the OU you want to remove and then Properties ;
Click on Object tab ;
Uncheck the box Protect object from accidental deletion.

You’re done!

On a multi DC (Windows 2003 – 2008) Active Directory, you may encounter the following NTDS event :

Active Directory failed to create an index for the following attribute.

Attribute identifier:
591789
Attribute name:
msFVE-RecoveryGuid

A schema cache update will occur 5 minutes after the logging of this event and will attempt to create an index for the attribute.

Additional Data
Error value:
-1403 JET_errIndexDuplicate, Index is already defined

This is probably caused by a recently added DC running Windows Server 2008, attempting to do a scheme update on the forest to add BitLocker Drive Encryption.

Unfortunately, this feature is not supported by Windows Server 2003.

Here is a workaround to solve this problem – First, find out which DC is propagating this policy (type the following in the command prompt) :

netdom query fsmo

Then, logon in the domain controller causing this and do the following :

- Start / Run; adsiedit.msc
- Open the Schema container and copy the container that contain the schema objects
- Then, click searchFlags and then Edit
- In the Integer Attribute Editor, change the value 27 to 25
- Repeat again step the three latest steps for msFVE-VolumeGuid objects.

You may notify in /var/log/messages the following error about smbd daemon regarding the cupsd printing service :

smbd[5955]: [2011/05/13 15:03:59, 0] printing/print_cups.c:cups_connect(69)
May 13 15:03:59 neptune smbd[5955]:   Unable to connect to CUPS server localhost:631 – Connection refused

This occur when the service is disabled.  If you do not have a printer and do not want the printing service, you may want to disable this in the samba config file to avoid the system log print this error every eight minutes.  To do so edit the following file :

vi /etc/samba/smb.conf

[global]
load printers = no
printing = none